GDPR (General Data Protection Regulation) is the EU regulation for protecting personal data that came into effect on May 25, 2018, replacing the 95/46/EC directive for personal data protection. The regulation has strengthened the rights that EU citizens have over their personal data.
CBK is committed to protecting the privacy and security of the personal information of our customers, employees, suppliers, and other stakeholders. Like many others, CBK works hard to ensure that our Privacy Policy meets the highest standards of data protection. In this regard, CBK is also ISO certified according to the ISO9001 standard, which deals with corporate quality management.
This entails a continuous commitment to our customers, employees, and other stakeholders regarding data collection, use, storage, and sharing practices. It also involves a continuous commitment to implementing appropriate technical security measures.
CBK's Privacy Policy is managed through our ISO work, KM (Knowledge Management) team, and management. This ensures significant engagement in privacy and security issues, adaptation of policies, procedures, and technical controls.
CBK undergoes annual audits with the audit firm RISE in connection with our ISO certification, including an audit of our commitment to GDPR. The results of the GDPR audit are closely monitored to improve and increase the level of compliance and adherence to GDPR at CBK.
How GDPR affects the organization
Leadership
Ownership of our quality management.
Processes
Processes where personal data is handled. Marketing, IT, services, and sales.
Employees
Personal data about employees.
Marketing
Consent, events, campaigns, social media, cookies. Learn more about the use of cookies here.
Systems
Types of personal data. Where the data is stored. Legal basis for storing personal data.
Contracts
Customer and supplier contracts where we acquire customers' and suppliers' personal data. Sales contracts where they process or have access to personal data.